Code/Git

Not logged in - Log In / Register

Revision 2 as of 2015-04-01 09:39:36

Clear message

This page is about Git support in Launchpad's Code Hosting component. Please ask for help right away if you have any questions.

Git hosting

Launchpad is gaining direct Git hosting support alongside its existing Bazaar hosting support. This page provides some basic orientation to developers intending to work on this, along the same lines as Code. The major subsystems involved are:

The git client

This is what users install on their systems to use Git. It is also installed on the hosting backend to support the receive-pack and upload-pack protocols.

Hosting service

The outside world connects to the Git hosting service using one of several protocols:

Scheme

Authentication

Supports private repositories

Can push

git://

none

no

no

git+ssh://

required (SSH)

yes

yes

https://

none yet

not yet

not yet

At present HTTPS support is rather basic; it will become more useful once we add access tokens (for the git client) and OpenID integration (for cgit).

SSL is terminated by Apache for HTTPS, and all these protocols pass through haproxy for load balancing (although at the moment we only have a single backend). The underlying protocol endpoints live in lp:turnip, which invokes git upload-pack and git receive-pack to implement the git protocol itself.

turnip also provides an internal API used by the Launchpad web application to manipulate and inspect repositories; and in turn the Launchpad web application provides an internal XML-RPC interface used by turnip to translate logical repository paths to filesystem paths and to notify Launchpad of repository changes.

turnip is deployed using Juju, using the turnip charm. We deploy the stock gunicorn charm as a subordinate to help to publish the internal API service.

The web application

Code that is executed as part of the Launchpad web application. Major features:

Repository source code browser

Launchpad uses the external cgit project to provide a web view of the repository contents. This is invoked by turnip when it receives HTTPS requests that don't correspond to git's smart HTTP protocol, and turnip deals with configuring cgit appropriately for each repository.

cgit is currently only set up to serve public repositories. This will change once we have an OpenID consumer in place so that we can use SSO authentication.

Unlike typical cgit deployments, there is no global index of repositories, partly because it would be enormous and partly because it would be very difficult to do sensibly while also taking privacy into consideration.

We currently use the stock cgit package from Ubuntu vivid, copied into the Launchpad PPA and rebuilt for trusty.